﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

namespace Common
{
    /// <summary>
    /// String extension that rewrites a fixed list of characters as HTML-style
    /// numeric character references before the value is used in SQL text.
    /// </summary>
    /// <remarks>
    /// This is a deny-list rewrite of the string, not parameter binding. Values that
    /// reach a query should still be passed through parameterized commands; this
    /// filter only reduces the set of characters that survive in the text.
    /// </remarks>
    public static class SqlParameterHelper
    {
        // Ordered (search, replacement) pairs, applied top to bottom by SqlFilter.
        // None of the replacement texts contains any of the search strings, so a
        // later pair never rewrites the output of an earlier one.
        //
        // NOTE(review): the first pair maps ':' to the reference numbered 59, but 59
        // is the code point of ';' (':' is 58). As written, ':' is rewritten to
        // something that decodes as ';', and a literal ';' passes through unchanged.
        // Confirm which was intended before changing it: values already stored with
        // this encoding would be affected.
        //
        // NOTE(review): '&' and '#' are not rewritten, so an input that already
        // contains text such as a numeric reference cannot be told apart from
        // filter output. A single '-' is left alone; only the pair "--" is rewritten.
        private static readonly string[][] Substitutions =
        {
            new[] { ":", "&#59;" },
            new[] { "\"", "&#34;" },
            new[] { "%", "&#37;" },
            new[] { "'", "&#39;" },
            new[] { "(", "&#40;" },
            new[] { ")", "&#41;" },
            new[] { "*", "&#42;" },
            new[] { "+", "&#43;" },
            new[] { "--", "&#45;&#45;" },
            new[] { "<", "&#60;" },
            new[] { "=", "&#61;" },
            new[] { ">", "&#62;" },
            new[] { "\\", "&#92;" },
        };

        /// <summary>
        /// Returns <paramref name="pvalue"/> with every occurrence of the listed
        /// characters replaced by its numeric character reference.
        /// </summary>
        /// <param name="pvalue">Text to filter. May be null or empty.</param>
        /// <returns>
        /// The filtered text. A null or empty input is returned unchanged.
        /// </returns>
        public static string SqlFilter( this string pvalue )
        {
            // Nothing to rewrite; hand back exactly what was passed in (null stays null).
            if (string.IsNullOrEmpty(pvalue))
            {
                return pvalue;
            }

            string filtered = pvalue;
            foreach (string[] pair in Substitutions)
            {
                filtered = filtered.Replace(pair[0], pair[1]);
            }

            return filtered;
        }
    }
}
